Arbitrary Web Script Injection via Symlink Attack in Show In Browser Gem

Arbitrary Web Script Injection via Symlink Attack in Show In Browser Gem

CVE-2013-2105 · LOW Severity

AV:L/AC:M/AU:N/C:N/I:P/A:P

The Show In Browser (show_in_browser) gem 0.0.3 for Ruby allows local users to inject arbitrary web script or HTML via a symlink attack on /tmp/browser.html.

Learn more about our Web App Pen Testing.